Windows 10: Direct Memory Access Attack Mitigation

Discussion in 'AntiVirus, Firewalls and System Security' started by SimonWoolley1, Sep 6, 2018.

  1. Direct Memory Access Attack Mitigation


    The Microsoft documentation for mitigating DMA attacks includes the DataProtection/AllowDirectMemoryAccess policy. This states:


    This policy setting allows you to block direct memory access (DMA) for all hot pluggable PCI downstream ports until a user logs into Windows.


    My question is: what is covered under "hot pluggable PCI downstream ports"?


    This link (https://www.synacktiv.com/posts/pentest/practical-dma-attack-on-windows-10.html) from May 2018 shows a DMA attack where they connect via an NVMe M.2 key B/M connector which gives them PCIe connectivity to carry out an attack using PCILeech.


    Would the DataProtection/AllowDirectMemoryAccess policy prevent this attack, i.e. would the NVMe M.2 key B/M connector be classed as a "hot pluggable PCI downstream port" and therefore protected?

     
    SimonWoolley1, Sep 6, 2018
    #1
  2. Brink Win User

    Mitigating speculative execution side-channel attacks in Edge and IE11


    Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog


    See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums
     
    Brink, Sep 6, 2018
    #2
  3. BitLocker and DMA and Memory Resilience attacks?


    When you fully shut down your system then your memory controller and DIMMs are powered off. So, by definition, a DMA attack won't be possible since there's no memory to access and no path for devices to access memory.
     
    PolarNettles, Sep 6, 2018
    #3
  4. Sasqui Win User

    Direct Memory Access Attack Mitigation

    Overclocking / Undervolting guide for Vega 56 or 64?

    Here's a quick laundry list:

    List of software to use for overclocking and testing
    Examples:
    Wattman (and how to find and use it, like an overview, including profiles)
    Unigine Valley or Heaven (use this for quick testing while changing settings in Wattman and checking for stability / artifacts) ...just suggesting this
    How to monitor cores / mem speeds and temps during testing (I've seen screen overlays, and others using GPUz)

    Step-by-step overclocking in Wattman
    Fan speeds
    Power limit
    Temp limit
    Voltages
    Core speeds
    Memory speeds
     
    Sasqui, Sep 6, 2018
    #4